[KB7444] Solution for ESET Security product for Windows Server 6.5

Issue

We would like to inform you that we have identified an issue in older versions of the product of our Windows business products.

 

Details

ESET has identified that our kernel has a problem with verification of the timestamp of an already expired certificate (expired by 7th Feb 2020). This method fails and our modules in older, legacy versions, are declared as untrusted and therefore are not loaded. This mechanism ensures that no untrusted library is loaded.

As a result, the affected versions fail to load modules (Firewall, HIPS, Updated, Device Control, Web and Email protection) and are not functional, therefore the protection is not functional.

Read more about this issue

Legacy products startup issue

Solution

Important!

If you are using affected versions and issue is not manifesting, do not restart the machine and perform upgrade immediately.

Frequently Asked Questions

Please read the following ESET Knowledgebase article:
Legacy products startup issue FAQ

The following solutions are available:

1. If you have not restarted your computer with ESET Security product yet, make sure you have Update Module (version 1074.3) listed in Installed components. This module ensures protection and allows for subsequent upgrade to the latest version, which is required step to fully mitigate the situation.

Then, upgrade to the latest version:

How to check the version of installed modules in ESET Endpoint Security

In the main program window, navigate to Help and support > About ESET Endpoint Security and click Installed components. If the version of the Update module is 1074.3, your ESET product has been successfully updated.

 

2. If you have restarted your computer with ESET Security product v6.5, use the fixing tool and upgrade to the latest version if possible.

How to download and use the fixing tool

Download CertFix.exe. If you are unable to download an executable file with your browser, download CertFix.rar. The fixing tool can be run or downloaded to the machine and automatically executed from CMD.exe with the following script (the log will be created):

powershell -command "& {(New-Object System.Net.WebClient).DownloadFile('http://help.eset.com/eset_tools/CertFix.exe', '%temp%\CertFix.exe');(Start-process '%temp%\CertFix.exe' -NoNewWindow)}" > C:\CertFix.log

or if managed remotely, as client task in ESMCOperating systemRun command.

In case of incorrect registration, use the following format:

CertFix.exe --fix-wsc-only
NOTE:

Windows PowerShell comes installed by default in every Windows, starting with Windows 7 SP1 and Windows Server 2008 R2 SP1.

If you are having any concerns or questions – or are unable to upgrade to the latest versions - do not hesitate to contact ESET Technical Support in your region.